Address
304 North Cardinal St.
Dorchester Center, MA 02124
Work Hours
Monday to Friday: 7AM - 7PM
Weekend: 10AM - 5PM
I finally got around to putting together and installing my Zotac ZBOX CI323 pfSense box this weekend.
Zotac ZBOX CI323 pfSense – Equipment
I chose the Zotac ZBOX CI323 as it came in a bit under price of the SG-2200 while being a bit more powerful.
It came in a great looking box, which would also work well as storage afterwards.
I also picked up a 60GB Kingston SSD and 8GB of Crucial memory as the default build didn’t come with either.
The machine itself was well designed, and had a good number of ports on the front and back.
Hardware Upgrade
Opening the bottom of the case was a breeze, as it just took 4 thumb screws and a gentle pull.
The RAM slots were easily accessible, and I had no problem getting both sticks to snap in place.
Installing the SSD was a little harder, as there was a mounting bracket in place to keep the drive from wiggling around/hitting the bottom of the case. Once I got everything properly situated, it just took 4 screws and it was good to go.
Size wise, this thing is tiny; here is a comparison of it to my 500r case.
Zotac ZBOX CI323 pfSense – pfSense Installation
Thankfully, when I finally booted it up, the BIOS was up-to-date and all the new hardware was properly detected.
The pfSense installation was actually the hardest part of this process, but that was mostly my fault. Initially I was having trouble burning the bootable USB drive, but that just had to do with the application I was trying to use. My second issue was that I was attempting to install the Intel edition on the box. While the other option is AMD64, this is actually the option for both AMD and Intel 64-bit processors. Once I got that sorted out, everything went much smoother.
The installation was pain-free and straight forward, and after a few minutes the pfSense Web Configurator wizard appeared.
Once that was complete, my new router was up and running on the network!
Ray Doyle is an avid pentester/security enthusiast/beer connoisseur who has worked in IT for almost 16 years now. From building machines and the software on them, to breaking into them and tearing it all down; he’s done it all. To show for it, he has obtained an OSCE, OSCP, eCPPT, GXPN, eWPT, eWPTX, SLAE, eMAPT, Security+, ICAgile CP, ITIL v3 Foundation, and even a sabermetrics certification!
He currently serves as a Senior Staff Adversarial Engineer for Avalara, and his previous position was a Principal Penetration Testing Consultant for Secureworks.
This page contains links to products that I may receive compensation from at no additional cost to you. View my Affiliate Disclosure page here. As an Amazon Associate, I earn from qualifying purchases.
18 Comments
Leave a Reply
This site uses Akismet to reduce spam. Learn how your comment data is processed.
Excellent, exactly what I was looking for..
Any issues later or limitations?
None at all, it is still working great.
I don’t have anything TOO intensive running on it yet, but I plan on adding Snort to it eventually, as well as some logging and monitoring.
I’ve had no issues with it, and only rebooted it once I believe?
Nice! I have an old dual-core small form factor HP PC running CentOS and using it as a router. Everything is manual including 2 network cards, DHCP Server, routing, OpebVPN and SSH plus a few other tools but it does not have any monitoring tools like Pfsense, plus its not power efficient, so now thinking about getting one of these boxes to replace that. The good thing is its rock solid, haven’t rebooted it in 9 months now. The only thing I am concerned about is the performance. I also would like to play with Snort and Squid.. Keep me posted on how it goes.
Thanks,
Arman
hey-
I’ve decided to go this route, being fairly familiar with pfSense myself. Received the little box yesterday- same model as the one listed here. Ran into installation issues. I’ve tried both a PC (win 7) and my mac (whatever the latest update provided) and can’t seem to get the thing to install from USB or the SD slots.
The bios and/or boot selection recognizes when I have the devices, and when I select the device that I want to boot from- I consistently get a “drive not found” type error.
Mind you- I’m not a n00b to this kind of thing, and I’ve tried all the tricks in the book that I know… but maybe I’m overlooking something?
Got any hints as to what you did to get it to load the OS?
Did you leave the Bios settings alone for the most part, or did you change, perhaps, the boot option from “WIN10 UEFI” to “Legacy” mode?
Any input would be appreciated.
Thanks!
Hi Myles,
Yea, glad to try and help you get it sorted out.
I did change the boot options to “Legacy” mode, as there was no UEFI image that would work on the box. Try that and let me know if it fixes it!
That was totally it.
Much thanks for getting back to me on this.
Have you tried the Wifi side of the device yet? I haven’t found anything that would suggest that it would work without changing cards. No big deal if you haven’t looked at it yet… but, well… you know. 😉
Great, glad that fixed it, and glad to help!
I haven’t actually. I’m just using the ethernet ports as incoming and outgoing, and have a Meraki as my home AP.
Pingback via https://www.doyler.net/security-not-included/egressbuster-firewall-rules
Pingback via https://www.doyler.net/security-not-included/egressbuster-firewall-rules
Hey wondering if you are still running this box and would still recommend it 3 years later. Looking at getting one for OPNsense.
I am still running this box, and regularly recommend it to people looking to setup/build a router!
Thanks for this article, I am also looking to get a home built pfsense router set up. I have seen others complain that the Zotacs use Realtek NICs and that apparently causes an issue with pfsense. Did you run into this, and if so, how did you work around it?
There are a few issues with the Realtek NICs, but I never ran into them until I upgraded to full gigabit. That said, I’ve got a post that I’m working on now that will cover how I fixed it! I’ll be sure to respond here once it is done as well.
I would love to have a step-by-step fix for this I had to stop using the one I had put an actual computer together because of the network card issue
Just posted it myself!
https://www.doyler.net/security-not-included/re0-watchdog-timeout-error
[…] you can see, the Zotac pfSense firewall that I built is running 2x Realtek […]
[…] Zotac ZBOX CI323 pfSense Build and Configuration […]
[…] Zotac ZBOX CI323 pfSense Build and Configuration […]